TY - GEN
T1 - Context-aware and Attribute-based Access Control Applying Proactive Computing to IoT System
AU - Picard, Noé
AU - Colin, Jean-Noël
AU - Zampunieris, Denis
N1 - Publisher Copyright:
Copyright © 2018 by SCITEPRESS – Science and Technology Publications, Lda. All rights reserved
Copyright:
Copyright 2020 Elsevier B.V., All rights reserved.
PY - 2018
Y1 - 2018
N2 - ABAC allows for high flexibility in access control over a system through the definition of policies based on attribute values. In the context of an IoT-based system, these data can be supplied through its sensors connected to the real world, allowing for context-awareness. However, the ABAC model alone does not include proposals for implementing security policies based on verified and/or meaningful values rather than on raw data flowing from the sensors. Nor does it allow to implement immediate action on the system when some security flaw is detected, while this possibility technically exists if the system is equipped with actuators next to its sensors. We show how to circumvent these limitations by adding a proactive engine to the ABAC components, that runs rule-based scenarios devoted to sensor data pre-processing, to higher-level information storage in the PIP, and to real-time, automatic reaction on the system through its actuators when required.
AB - ABAC allows for high flexibility in access control over a system through the definition of policies based on attribute values. In the context of an IoT-based system, these data can be supplied through its sensors connected to the real world, allowing for context-awareness. However, the ABAC model alone does not include proposals for implementing security policies based on verified and/or meaningful values rather than on raw data flowing from the sensors. Nor does it allow to implement immediate action on the system when some security flaw is detected, while this possibility technically exists if the system is equipped with actuators next to its sensors. We show how to circumvent these limitations by adding a proactive engine to the ABAC components, that runs rule-based scenarios devoted to sensor data pre-processing, to higher-level information storage in the PIP, and to real-time, automatic reaction on the system through its actuators when required.
KW - ABAC
KW - Access Control
KW - Event Analysis
KW - Internet of Things
KW - Proactive Computing
UR - http://www.scopus.com/inward/record.url?scp=85051954501&partnerID=8YFLogxK
U2 - 10.5220/0006815803330339
DO - 10.5220/0006815803330339
M3 - Conference contribution
VL - 2018-March
T3 - IoTBDS 2018 - Proceedings of the 3rd International Conference on Internet of Things, Big Data and Security
SP - 333
EP - 339
BT - Proceedings of the workshop on Security, Privacy, Big Data and Internet of Things SPBDIoT 2018
A2 - Munoz, Victor Mendez
A2 - Walters, Robert
A2 - Firouzi, Farshad
A2 - Wills, Gary
A2 - Chang, Victor
T2 - Special Session on Recent Advances on Security, Privacy, Big Data and Internet of Things - SPBDIoT 2018 Within the 3rd International Conference on Internet of Things, Big Data and Security - IoTBDS 2018
Y2 - 19 March 2018 through 21 March 2018
ER -